WEBVTT

1
00:00.830 --> 00:02.390
Hello and welcome back.

2
00:02.390 --> 00:09.800
In this lesson, I'm going to show you how to patch the file to change the password to your own password.

3
00:10.700 --> 00:16.310
So let's reload this previous program, which we did before, which is crackme_1.

4
00:17.390 --> 00:18.260
This one.

5
00:19.040 --> 00:20.750
So just open that now.

6
00:24.500 --> 00:29.540
And if you remember previously, we have breakpoints.

7
00:29.690 --> 00:32.510
We've already set the breakpoints over here.

8
00:33.380 --> 00:34.970
So let's run to that breakpoint.

9
00:35.000 --> 00:41.900
Now currently, let me resize the windows so that you can see the running window at the back.

10
00:44.710 --> 00:46.630
So let's run to that breakpoint.

11
00:47.020 --> 00:49.510
And now it has hit our breakpoint.

12
00:49.690 --> 00:51.220
And we will step over it.

13
00:52.000 --> 00:56.410
I will go to the graph view by right-clicking it and clicking on Graph.

14
00:59.470 --> 01:01.210
And resize the window a bit.

15
01:02.260 --> 01:06.940
And now I'm going to step over by pressing this.

16
01:07.720 --> 01:13.810
Keep on stepping over until it comes to this line where it will wait for your input.

17
01:15.220 --> 01:18.580
So let's keep on stepping over until it comes there.

18
01:18.610 --> 01:20.920
Now you see the text beginning to appear.

19
01:24.960 --> 01:26.040
And now we are here.

20
01:26.040 --> 01:31.230
Let's step over this one more time until the process turns to running state.

21
01:33.200 --> 01:38.480
Now it has turned to running state, which means that it is waiting for you to input.

22
01:39.080 --> 01:45.890
So let's go here now and key in any wrong password.

23
01:46.760 --> 01:50.480
123456789,

24
01:50.780 --> 01:51.830
hit Enter.

25
01:52.460 --> 01:55.490
And now once you hit Enter, it comes back to the pause state.

26
01:55.700 --> 01:57.830
That means it is waiting for you to step,

27
01:58.340 --> 01:59.300
step over.

28
01:59.420 --> 02:01.100
So let's step over now,

29
02:01.730 --> 02:02.300
continuing

30
02:02.300 --> 02:03.230
stepping over.

31
02:03.500 --> 02:10.880
And now it's coming to this line where it's going to move the real password into -.

32
02:11.690 --> 02:14.540
So this is the password you want to change.

33
02:14.570 --> 02:17.060
We want to change this into our own password.

34
02:17.570 --> 02:22.310
So to change that, we must go to the memory where this password is being stored.

35
02:23.000 --> 02:26.330
So to go to that memory, we click on this line first,

36
02:26.330 --> 02:31.100
and we see that the memory is 00578860.

37
02:31.610 --> 02:37.100
We can go there now by right-clicking this and Follow in Dump.

38
02:37.610 --> 02:40.760
And then select that memory address, straight away

39
02:40.760 --> 02:42.500
it takes you there, as you can see.

40
02:42.500 --> 02:48.860
So this window here is the memory dump where you can see the data that is stored in memory,

41
02:48.860 --> 02:51.740
and at that address you will see there is the password.

42
02:52.550 --> 02:55.700
So we want to change this password to our own password.

43
02:56.030 --> 03:03.620
Now notice that we have all these bytes that we can use up to here to change it to our own password.

44
03:04.700 --> 03:09.110
The last byte we can't use because the last byte is a null terminator.

45
03:09.170 --> 03:11.060
In programming, we all know,

46
03:11.060 --> 03:14.960
we all know that every string must terminate with a null terminator.

47
03:14.960 --> 03:18.350
So a null terminator is simply byte zero zero.

48
03:18.350 --> 03:20.000
So we must have a null terminator there.

49
03:20.210 --> 03:23.870
So we can use all these bytes for our new password,

50
03:23.870 --> 03:26.690
all these bytes here, leaving the null terminator.

51
03:26.690 --> 03:33.140
That, and also we don't want to overwrite and come over here because this next string, "Congratulations,"

52
03:33.140 --> 03:37.550
is required by the program when it prints a congratulatory message.

53
03:38.150 --> 03:46.130
So now to change these bytes to our own password, we just right-click this, right-click this

54
03:46.130 --> 03:49.070
and then select Binary, Edit.

55
03:50.420 --> 03:57.230
And here you can see you can either change the password using the ASCII text field or Unicode.

56
03:57.380 --> 03:59.030
But this one is not Unicode.

57
03:59.030 --> 04:05.930
This is ASCII because if it is Unicode, every character will have two bytes.

58
04:05.930 --> 04:12.530
That means if it's Unicode, you will see E and then a dot, A and then a dot, S and then a dot.

59
04:12.860 --> 04:15.680
But in this case, there is no dot after each character.

60
04:15.680 --> 04:17.060
That means this is in ASCII.

61
04:17.090 --> 04:19.250
That means each character is one byte.

62
04:19.250 --> 04:21.920
So we need to use this box.

63
04:22.670 --> 04:27.290
So over here now we can enter our new password.

64
04:27.680 --> 04:33.800
We must make sure that our new password does not exceed these available bytes.

65
04:33.800 --> 04:44.810
So the available bytes here you can count is 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 15 bytes.

66
04:44.810 --> 04:49.400
That means we can enter a new password which is 15 characters long.

67
04:49.400 --> 04:58.220
So let's enter CrackingLessons, which is 15 characters long, CrackingLessons.

68
04:58.910 --> 05:04.940
So this is 15 characters long, and it will eat up up to this byte and leave one null terminator at

69
05:04.940 --> 05:05.420
the back.

70
05:06.440 --> 05:08.120
And then now we click Okay.

71
05:08.960 --> 05:15.200
So you can see that we have already modified the password to become our own password, CrackingLessons.

72
05:15.740 --> 05:17.030
Now we can patch it.

73
05:17.030 --> 05:23.390
Just go to File and select Patch File, and then click on Patch.

74
05:23.930 --> 05:25.640
And then we give it a new name,

75
05:26.570 --> 05:32.870
crackme_1-2, click Save.

76
05:35.080 --> 05:35.830
Click Okay.

77
05:35.830 --> 05:41.020
And now we can close this and run our new patch,

78
05:42.110 --> 05:43.010
this one.

79
05:43.250 --> 05:47.750
So double-click this, and first we will enter the real password,

80
05:47.750 --> 05:50.990
the previous password, easy password.

81
05:51.740 --> 05:53.570
And this time it will reject it.

82
05:53.570 --> 05:54.710
It says failed.

83
05:54.830 --> 05:57.530
Now we enter our own new password.

84
05:59.660 --> 06:01.610
CrackingLessons, Enter.

85
06:01.610 --> 06:03.110
And it says Congratulations.

86
06:03.110 --> 06:05.030
You entered the correct password.

87
06:05.210 --> 06:10.790
So this is how we can patch the file to modify the password to your own password.

88
06:11.660 --> 06:13.490
So that's all for this video.

89
06:13.490 --> 06:14.900
Thank you for watching.